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SERIAL NO: 09/270,733 ART UNIT; 2666 

FILED: March 16, 1999 EXAMINER; Kevin C HARPER 

SUBJECT; VIRTUAL PRIVATE NETWORKS AND METHODS FOR THEIR OPERATION 





THE ASSISTANT COMMISSIONER FOR PATENTS 
WASHINGTON, D.C. 20231, U.S.A. 

Sir: 

In response to the Office Action mailed September 30, 2003, please 
amend claims I, 7, 8, 17, 18, 21, 27 and 28, and add new claims 51-56 as follows; 

1. Currently amended) A method of routing packets through a 
communications network having a plurality of distinct sets of virtual ports, no virtual 
port belonging to more than one of the distinct sets, a respective distinct broadcast 
address beind assigned to each distinct set of virtual ports, the method comprising: 
assigning a respective egress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to a 
respective destination address of the entering packet when a correspondence 
between the destination address and an egress address is known, and the 
respective egress audress being a broadcast egress address corresponding to the 
set comprising the innress virtual port when no correspondence between the 
destination address aVd an egress address is known; 

adding to each backet entering the network via an ingress virtual port the 
respective egress address assigned to that packet to provide a corresponding 
modified packet; 

routing the modified packet across the network according to the respective 
a dded egress address from the inoress virtual port to at least one egress virtual port 
a ssociated with the assignee egress address , added to tho packet said routing being 
restricted to virtual ports belonging to the distinct set of virtual ports which includes 
the ingress virtual port; and 

removing from each modified packet received at an egress virtual port of the 
network the egress address assigned to that packet to provide a restored packet. 
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2. (original) A method as defined in claim 1 , wherein, when the destination 
address of the packet is a unicast address and a correspondence between the 
destination address and a unicast egress address is known: 

the step of assigning an egress address comprises assigning the unicast 
egress address, said unicast egress address corresponding to an egress virtuai port 
belonging to the distinct set of virtuai ports which includes the ingress virtuai port, the 
destination address being accessible from said egress virtual port; and 

the step of routing the packet comprises routing the packet to said egress 
virtual port. 

3. (original) A method as defined En claim 1, wherein, when the destination 
address of the packet is a unicast address and no correspondence between the 
destination address and an egress address is known: 

the step of assigning an egress address comprises assigning a broadcast 
egress address corresponding to the distinct set of virtual ports which includes the 
ingress virtual port; and 

the step of routing the packet comprises routing the packet to each virtual 
port, other than the ingress virtual port ( of the distinct set of virtual ports which 
includes the ingress virtual port. 

4. (original) A method as defined in claim 1, wherein, when the destination 
address of the packet is a multicast address: 

the step of assigning an egress address comprises assigning a broadcast 
egress address corresponding to the distinct set of virtual ports which includes the 
ingress virtual port; and 

the step of routing the packet comprises routing the packet to each virtual 
port of the distinct set of virtual ports which includes the ingress virtual port other 
than the ingress virtual port. 

5. (original) A method as defined in claim 1 ( wherein, when the destination 
address of the packet is a multicast address and a correspondence between the 
destination address and a multicast egress address is known: 

the step of assigning an egress address comprises assigning the multicast 
egress address, said multicast egress address corresponding to a plurality of virtual 
ports belonging to the distinct set of virtual ports which includes the ingress virtual 
port; and 
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the step of routing the packet comprises routing the packet to each virtual 
port of said plurality of virtual ports belonging to the distinct set of virtual ports which 
includes the ingress virtual port. 

6. (original) A method as defined in claim 1, further comprising: 

assigning a respective ingress address to each packet entering the network, 

the respective ingress address corresponding to a virtual port via which the packet 

enters the network; 

using the assigned ingress addresses to populate address association tables; 

and 

using the address association tables to determine correspondences between 
destination addresses and egress addresses. 

7\(currently amended) A method of routing packets through a 
communications network having a plurality of distinct sets of virtual ports, no virtual 
port belonging to more than one of the distinct sets, a respective distinct broadcast 
address being assigned to each distinct set of virtual ports, the method comprising: 

assigning a respective egress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to a 
respective destination address of the entering packet when a correspondence 
between the destination address and an egress address is known, and the 
respective egrAss address being a broadcast egress address corresponding to the 
set comprising wie ingress virtual port when no correspondence between the 
destination address and an egress address is known; 

adding toteach packet entering the network via an ingress virtual port the 
respective egress\ad dress assigned to thatpacket to provide a corresponding 
encapsulated pacHpt; 

routing the Encapsulated packet m across the network according to the 
assigned resoectivetedded e gress address encapsulated in the packet from the 
ingress vi rtual port td at least one eoress virtual port associated with the assigned 
egress address , said routing being restricted to virtual ports belonging to the distinct 
set of virtual ports whifch includes the ingress virtual port; and 

removing from each encapsulated packet received at an egress virtual port of 
the network the egress ^ddress assigned to that packet to provide a decapsulated 
packet 
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8. {current/y amended) A method as dofinod in claim 7, further oomprioing of 
routing packets through a network having a Plurality of distinct sets of virtual ports. 
no virtuaf port belonging to mo re than one of the distinct sets, a respective distinct 
broadcast address being assigned to each distinct set of virtual ports, the method 
comprising: 

assigning a respective ea ress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to a 
respective destinatio n address of the packet when a correspondence between the 
destination addres s and an egress address is known, and the respective egress 
address being a broadcast egress address corresponding to the set comprising the 
ingress virtual port when no correspondence between the destination address and 
an egress address is known: 

adding to ea ch packet entering the network via an ingress virtual port the 
respective egress address assigned to that packet to provide a corresponding 
encapsulated packet; 

assigning a respective ingress address to each packet entering the network, 
the respective ingress address corresponding to the ingress virtual port via which the 
packet enters the network; 

adding the assigned ingress address to each packet entering the network in 
providing the corresponding encapsulated packet; and 

maintaining an address association table associated with each virtual port of 
the network, each address association table mapping each of a plurality of egress 
addresses to at least one corresponding destination address; and 

using the address association tables to determine correspondences between 
destination addresses and egress addresses 

routing the en capsulated packet in the network according to the respective 
added egress address encapsulated in the packet, said routing being restricted to 
virtual po rts belonging to the distinct set of virtual ports which includes the ingress 
virtual port; and 

removing from each encapsulated packet received at an egress virtual port 
th e_eoress address assigned to that packet to provide a decacsulated packet , 
wherein: 

on receipt of a packet entering the network via an ingress virtual port, said 
packet including a source address, an entry is added to the address association 
table associated with said ingress virtual port when said address association table 
does not contain the source address in any destination address field of said address 
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association table, said entry comprising the source address in a destination address 
field and the ingress address in a corresponding egress address field; and 

on receipt of an encapsulated packet at a virtual port of the network, said 
encapsulated packet including a source address and an ingress address, an entry is 
added to the address association table associated with said virtual port when said 
address association table does not contain the source address in any destination 
address field of said address association table, said entry comprising the source 
address in a destination address field and the ingress address in a corresponding 
egress address field. 

9, (original) A method as defined in claim i, wherein: 
the step of routing the packet according to the respective egress address 
comprises routing the packet via trunks of the network; and 

when the packet is assigned a broadcast egress address corresponding to a 
distinct set of virtual ports, the step of routing the packet comprises routing the 
packet via a restricted set of trunks containing only those trunks required to reach 
virtual ports in the distinct set of virtual ports corresponding to said broadcast egress 
address. 



10. (original) A method as defined in claim 5, wherein; 
the step of routing the packet according to the respective egress address 
comprises routing the packet via trunks of the network; and 

when the packet is assigned a multicast egress address corresponding to a 
plurality of virtual ports in a distinct set of virtual ports, the step of routing the packet 
comprises routing the packet via a restricted set of trunks containing only those 
trunks required to reach virtual ports in the plurality of virtual ports corresponding to 
said multicast egress address. 

1 1\ (previously amended) A communications network, comprising t plural 
interconnected routing devices, each routing device comprising: 

a plurality of distinct sets of virtual ports, no virtual port belonging to more 
than one of Ihe distinct sets, and each distinct set being assigned a respective 
distinct broaobast address; 

at leasVone address assigner operable to assign a respective egress address 
to each packet Entering the network via an ingress virtual port, the respective egress 
address corresponding to a respective destination address of the entering packet 
when a correspondence between the destination address and an egress address is 

5 

PAGE 6/30 * RCVD AT 12/18/2003 2:25:34 PNI [Eastern Standard Time] * SVR:USPT0-EFXRF-1/1 * DNIS:8729314 * CSID:613 768 3635 * DURATION (mm-ss):07-38 




DEC 18 2003 14=27 FR NORTEL NETWORKS 613 768 3635 TO 617038729314 P. 07/30 

DOCKET NO. : 1 0346ROUS01 U 

known, And the respective egress address being a broadcast egress address 
corresponding to the set comprising the ingress virtual port when no correspondence 
between ihe destination address and an egress address is known: and 

atYeast one router operable to route the packet according to the respective 
egress adfflress, said routing being restricted to virtual ports belonging to the distinct 
set of virtual ports which includes the ingress virtual port, 

sucli that packets can be routed by plural successive routing devices 
according totegress addresses assigned where the packets enter the network. 

12. (orfbinal) A network as defined in claim 1 1 , wherein, when the destination 
address of the packet is a unicast address and a correspondence between the 
destination addfess and a unicast egress address is known: 

each adaYess assigner is operable to assign the unicast egress address, said 
unicast egress address corresponding to an egress virtual part belonging to the 
distinct set of virtual ports which includes the ingress virtual port, the destination 
address being accessible from said egress virtual port; and 

each router b operable to route the packet to said egress virtual port. 

13. (original) A network as defined in claim 1 1 1 wherein, when the destination 
address of the packet is a unicast address and no correspondence between the 
destination address and an egress address is known; 

each address assigner is operable to assign a broadcast egress address 
corresponding to the distinct set of virtual ports which includes the Ingress virtual 
port; and 

each router is operable to route the packet to each virtual port, other than the 
ingress virtual port, of the distinct set of virtual ports which includes the ingress 
virtual port. 

14. (original) A network as defined in claim 1 1 r wherein, when the destination 
address of the packet is a multicast address; 

each address assigner is operable to assign a broadcast egress address 
corresponding to the distinct set of virtual ports which includes the ingress virtual 
port; and 

each router is operable to route the packet to each virtual port of the distinct 
set of virtual ports which includes the ingress virtual port other than the ingress 
virtual port. 
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15. (original) A network as defined in claim 1 1, wherein, when the destination 
address of the packet is a multicast address and a correspondence between the 
destination address and a multicast egress address is known: 

each address assigner is operable to assign the multicast egress address, 
said multicast egress address corresponding to a plurality of virtual ports belonging 
to the distinct set of virtual ports which includes the ingress virtual port; and 

each router is operable to route the packet to each virtual port of said plurality 
of virtual ports belonging to the distinct set of virtual ports which includes the ingress 
virtual port. 

16. (original) A network as defined in claim 1 1 , wherein each address 
assigner comprises an address association table and is operable: 

to assign a respective ingress address to each packet entering the network, 
the respective ingress address corresponding to a virtual port via which the packet 
enters the network; 

to use assigned ingress addresses to populate the address association table; 

and 

to use the address association table to determine correspondences between 
destination addresses and egress addresses. 

17. \(currently amended) A communications network, comprising: 
a plurality of distinct sets of virtual ports, no virtual port belonging to more 

than one of the distinct sets, and each distinct set being assigned a respective 
distinct broadcast address; 

at least V>ne address assigner operable to assign a respective egress address 
to each packet Altering the network via an ingress virtual port, the respective egress 
address corresponding to a respective destination address of the entering packet 
and designating aft egress virtual port of the network when a correspondence 
between the destination address and an egress address is known, and the 
respective egress address being a broadcast address corresponding to the set 
comprising the ingress virtual port when no correspondence between the destination 
address and an egress address is known and comprising an encapsulator for adding 
to each packet enterinathe network via an ingress virtual port the respective egress 
address assigned to thai packet to provide a corresponding encapsulated packet; 
and 

at least one router bperable to route the packet according to the assigned 
respective egress address Encapsulated in the packet, said routing being restricted 
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to virtual ports belonging to the distinct set of virtual ports which Includes the ingress 
virtual port; And 

a decapsulator for removing from each encapsulated packet received at an 
egress virtual bort of the network the egress address assigned to that packet on 
entering the neWorK to provide a decapsulated packet. 

18. (currently amended) A communications network as- d e f i ned in cla i m 17, 
whoroin oach addrooo acoiqnor i o oporab l o: . comprising: 

a plurality of distinct sets of virtual ports, no virtual oort belonging to more 
than one of the distinct sets, and each distinct set being assigned a respective 
distinct broadcast address: 

at least one address assianer operable: 

to assign a respective egress address to each packet entering the 
network via an ingress virtual port, the respective egress address 
corresponding to a destination address of the entering packet when a 
correspondence between the destination address and an egress address is 
known, and the respective egress address being a broadcast address 
corresponding to the set comprising the ingress virtual port when no 
correspondence between the destination address and an egress address is 
known and comprising an encapsulator for adding to each packet entering 
the network via an ingress virtual port the respective egress address 
assigned to that packet to provide a corresponding encapsulated packet: 

to assign a respective ingress address to each packet entering the 
network, the respective ingress address corresponding to the ingress virtual 
port via which the packet enters the network; 

to add the assigned ingress address to each packet entering the network in 
providing the corresponding encapsulated packet; 

to maintain an address association table, the address association table 
mapping each egress address of a plurality of egress addresses to at least one 
corresponding destination address; and 

to use the address association table to determine correspondences between 
destination addresses and egress addresses, wherein: 

on receipt of a packet entering the network via a an ingress virtual port 
corresponding to an ingress address, said packet including a source address, the 
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address assigner is operable to add an entry to the address association table 
associated with said in gress virtual port w hen the address association table does not 
contain the source address in any destination address field of the address 
association table, said entry comprising the source address in a destination address 
field and the ingress address in a corresponding egress address field; and 

on receipt of an encapsulated packet at a virtual port of the network, said 
encapsulated packet including a source address and an ingress address, the 
address assigner is operable to add an entry to the address association table 
associated with said virtual port when said address association table does not 
contain the source address in any destination address field of said address 
association table, said entry comprising the source address in a destination address 
field and the ingress address in a corresponding egress address field: 

at least one router operable to route the packet according to the respective 
egress address, said routing bei ng restricted to virtual Ports belonging to the distinct 
s et of virtual ports which includes the ingress virtual port: and 

a decapsul ator for removing from each encapsulated packet received at an 
egress virtual port of the network the egress address assigned to that packet to 
provide a decaosulated packet . 

19. (original) A network as defined in claim 11, further comprising a plurality 
of trunks interconnecting routers of the network, wherein: 

each router is operable to route the packet via trunks of the network; and 
when the packet is assigned a broadcast egress address corresponding to a 
distinct set of virtual ports, each router is operable to route the packet via a restricted 
set of trunks containing only those trunks required to reach virtual ports in the 
distinct set of virtual ports corresponding to said broadcast egress address. 

20, (original) A network as defined in claim 15, further comprising a plurality 
of trunks interconnecting routers of the network, wherein: 

each router is operable to route the packet via trunks of the network; and 
when the packet is assigned a multicast egress address corresponding to a 
plurality of virtual ports in a distinct set of virtual ports, each router is operable to 
route the packet via a restricted set of trunks containing only those trunks required to 
reach virtual ports in the plurality of virtual ports corresponding to said multicast 
egress address. 
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21\ (currently amended) A routing device for a communications network, the 
routing device comprising: 

a plurality of distinct subsets of virtual ports, no virtual port belonging to more 
than one of \he distinct subsets, and each distinct subset being a subset of a 
respective distinct set of virtual ports of the network and each distinct set being 
assigned a respective distinct broadcast address; 

at least ine address assignor operable to assign a respective egress address 
to each packet entering the network via an ingress virtual port, the respective egress 
address corresponding to a respective destination address of the entering packet 
and designating art eg ress virtual port of the network w hen a correspondence 
between the destination address and an egress address is known, and the 
respective egress address being a broadcast address corresponding to the set 
comprising the ingreste virtual port when no correspondence between the destination 
address and an egresi address is known; and comprising a packet modifier for 
adding to each packet Entering the network via an ingress virtual port the respective 
egress address assigneu to that packet to provide a corresponding modified packet; 

at least one routeV operable to route the packet according to the respective 
egress address added to \he modified packet, said routing being restricted to virtual 
ports belonging to the distinct set of virtual ports which includes the ingress virtual 
port; and \ 

a packet restorer for removing from each modified packet received at an 
egress virtual port of the network the egress address assigned to that packet on 
entering the networkj o provide)a restored packet. 

22. (original) A routing deOjce as defined in claim 21 , wherein, when the 
destination address of the packet is a unicast address and a correspondence 
between the destination address and a unicast egress address is known: 

each address assigner is operable to assign the unicast egress address, said 
unicast egress address corresponding to an egress virtual port belonging to the 
distinct set of virtual ports which includes the Ingress virtual port, the destination 
address being accessible from said egress virtual port; and 

each router is operable to route the packet to said egress virtual port. 

23. (original) A routing device as defined in claim 21 , wherein, when the 
destination address of the packet is a unicast address and no correspondence 
between the destination address and an egress address is known; 
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each address assigner is operable to assign a broadcast egress address 
corresponding to the distinct set of virtual ports which includes the ingress virtual 
port; and 

each router is operable to route the packet to each virtual port of the distinct 
set of virtual ports which includes the ingress virtual port other than the ingress 
virtual port. 

24. (original) A routing device as defined in claim 21, wherein, when the 
destination address of the packet is a multicast address: 

each address assigner is operable to assign a broadcast egress address 
corresponding to the distinct set of virtual ports which includes the ingress virtual 
port; and 

each router is operable to route the packet to each virtual port of the distinct 
set of virtual ports which includes the ingress virtual port other than the ingress 
virtual port. 

25. (original) A routing device as defined in claim 21, wherein, when the 
destination address of the packet is a multicast address and a correspondence 
between the destination address and a multicast egress address is known: 

each address assigner is operable to assign the multicast egress address, 
said multicast egress address corresponding to a plurality of virtual ports belonging 
to the distinct set of virtual ports which includes the ingress virtual port; and 

each router rs operable to route the packet to each virtual port of said plurality 
of virtual ports belonging to the distinct set of virtual ports which includes the ingress 
virtual port. 

26. (original) A routing device as defined in claim 21, wherein each address 
assigner comprises an address association table and is operable: 

to assign a respective ingress address to each packet entering the network, 
the respective ingress address corresponding to a virtual port via which the packet 
enters the network; 

to use assigned ingress addresses to populate the address association table; 

and 

to use the address association table to determine correspondences between 
destination addresses and egress addresses. 
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27. {currently amended) A routing device for a communications network, the 
routing device comprising: 

atolurality of distinct subsets of virtual ports, no virtual port belonging to more 
than one kf the distinct subsets, and each distinct subset being a subset of a 
respectiveUistinct set of virtual ports of the network and each distinct set being 
assigned aVespective distinct broadcast address; 

at lekst one address assigner operable to assign a respective egress address 
to each pacltet entering the network via an ingress virtual port, the respective egress 
address corresponding to a respective destination address of the entering packet 
and desig nating an egress virtual port of the network w hen a correspondence 
between the destination address and an egress address is known, and the 
respective egrdss address being a broadcast address corresponding to the set 
comprising the fogress virtual port when no correspondence between the destination 
address and an egress address is known; and comprising an encapsulator for 
adding to each packet entering the network via an ingress virtual port the respective 
egress address assigned to that packet to provide a corresponding encapsulated 
packet; \ 

at least oneVouter operable to route the packet according to the assigned 
respective egress address encapsulated in the packet, said routing being restricted 
to virtual ports belonging to the distinct set of virtual ports which includes the ingress 
virtual port; and \ 

a decapsulatorVor removing from each encapsulated packet received at an 
egress virtual port of thfe network the egress address assigned to that packet on 
entering the network to provide a decapsulated packet. 

28. (currently amended) A routing device as defined i n cla i m 27, whoro i n 
oaoh addross assignor ic oporab l o : for a communications network, the routing device 
comprising: 

a Plurality of distinc t subsets of virtual ports, no virtual port belonging to more 
th an one of the distinct subsets, each subset being a subset of a respective distinct 
set of virtual ports of the network and each distinct set being assigned a respective 
distinct broadcast address: 

at least one address assioner operable: 

to assign a respective egress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to_a 
destination address of the entering packet when a correspondence between the 
d estination address and an egress address is known, and the respective egress 
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address being a br oadcast address corresponding to the set comprising the ingress 
virtual port when no correspondence between the destination address and an egress 
address is known; 

to assign a respective ingress address to each packet entering the network, 
the respective ingress address corresponding to the ingress virtual port via which the 
packet enters the network; 

/ to add the assigned ingress address to each packet entering the network in 
/providing the corresponding encapsulated packet; 

to maintain an address association table, the address association table 
mapping each of a plurality of egress addresses to at least one corresponding 
destination address; and 

to use the address association table to determine correspondences between 
destination addresses and egress addresses, wherein: 

on receipt of a packet entering the network via a virtual port associated with 
an ingress address, said packet including a source address, the address assigner is 
operable to add an entry to the address association table associated with said 
inoress virtual port when the address association table does not contain the source 
address in any destination address field of the address association table, said entry 
comprising the source address in a destination address field and the ingress address 
in a corresponding egress address field; and 

on receipt of an encapsulated packet via a virtual port of the network, said 
encapsulated packet including a source address and an ingress address, the 
address assigner is operable to add an entry to the address association table 
associated with said virtual port when said address association table does not 
contain the source address in any destination address field of said address 
association table, said entry comprising the source address in a destination address 
field and the ingress address in a corresponding egress address field; 

at least one router operable to route the packet according to the respective 
egress address, sai d routing being restricted to virtual ports belonging to the distinct 
s et of virtual ports which includes the ingress virtual port: and 

a decapsulator for removing from each modified packet received at an egress 
virtual port of the network the egress address assigned to that packet to provide a 
encapsulated packet . 

29. (original) A routing device as defined in claim 21 , wherein: 

each router is operable to route the packet via trunks of the network; and 
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when the packet is assigned a broadcast egress address corresponding to a 
distinct set of virtual ports, each router is operable to route the packet via a restricted 
set of trunks containing only those trunks required to reach virtual pons in the 
distinct set of virtual ports corresponding to said broadcast egress address. 

30. (original) A routing device as defined in claim 25, wherein: 

V/ each router is operable to route the packet via trunks of the network; and 
^/ when the packet is assigned a multicast egress address corresponding to a 

V plurality of virtual ports in a distinct set of virtual ports, each router is operable to 
r%J\ route the packet via a restricted set of trunks containing only those trunks required to 
\ \j reach virtual ports in the plurality of virtual ports corresponding to said multicast 
egress address. 

31 . (original) A routing device as defined in claim 28, wherein each router 
provides IEEE 802.1 switching functionality adapted to packets encapsulated with 
ingress and egress addresses. 

?. (previously amended) A routing device for a communications network 

comprisir 1 

a pWality of distinct subsets of virtual ports, no virtual port belonging to more 
than one ofuhe distinct subsets, each distinct subset being a subset of a respective 
distinct set o\ virtual ports of the network and each distinct set being assigned a 
respective distinct broadcast address \ 

a respective address assigner for each distinct subset of virtual ports, each 
address assignor being connected to its respective distinct subset of virtual ports 
and being operac 

to assign a respective egress address to each packet entering the network 
via an ingress virtual port of the routing device, the respective egress address 
corresponding to a respective destination address of the entering packet when a 
correspondence betv\feen the destination address and an egress address is known, 
and the respective egrtess address being a broadcast egress address corresponding 
to the set comprising thfe ingress virtual port when no correspondence between the 
destination address and kn egress address is known; and 

to assign a respective ingress address to each packet entering the network, 
the respective ingress addrtass corresponding to the ingress virtual port via which the 
packet enters the network; 

each address assigned comprising: 
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art encapsulator for adding to each packet entering the network via an 
ingress virtual port the respective egress address and the respective ingress 
address assigned to that packet to provide a corresponding encapsulated packet; 
and \ 

a dedapsulator for removing from each encapsulated packet received at an 
egress virtualVpoil of the network the egress address assigned to that packet to 
provide a encapsulated packet; and 

at leastrone router connected to the address assigners and operable to route 
the packet accqrding to the egress address, said routing being restricted to virtual 
ports belonging \o the distinct set of virtual ports which includes the ingress virtual 
port. \ 

33. (original) A routing device as defined in claim 32, further comprising a 
switching element connected between at least one address assigner and its 
respective distinct subset of virtual ports, said switching element being operable to 
multiplex the virtual ports of the respective distinct subset of virtual ports onto the 
address assigner. 




34. (original) A routing device as defined in claim 33, wherein: 
each switching element provides IEEE 802.1 switching functionality; and 
each router provides IEEE 802. t switching functionality adapted to packets 
encapsulated with ingress and egress addresses. 

35\ (original) A routing device as defined in claim 32, further comprising a 
plurality of VLAN demultiplexers connected to the router, each VLAN demultiplexer 
being connected between the router and a respective plurality of the address 




assigners, each VLAN demultiplexer being associated with a respective egress 
address and being operable to route an encapsulated packet from the router to an 
address assigner associated with the ingress address ot the encapsulated packet 
such that all encapsulated packets having a common egress address and an ingress 



address corresponding to a virtual port in a particular set of the distinct sets of virtual 
ports are routed ti» an address assigner associated with that egress address and that 
particular distinct sfet of virtual ports. 

36. (original) A routing device as defined in claim 35, further comprising: 
a respective VLAN translator connected to each address assigner that is 
connected to the VLAN demultiplexer, each VLAN translator being operable to apply 
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a respective VLAN identifier to packets received from its respective address 
assigner; and 

a router demultiplexer connected to a plurality of the VLAN translators for 
routing packets received from an external router to a VLAN translator selected 
according to VLAN identifiers of the packets received from the external router. 

37. (original) A routing device as defined in claim 35, further comprising a 
respective virtual private router connected to each address assigner that is 
connected to a VLAN demultiplexer. 

38. (original) A routing device as defined in claim 37, further comprising a 
respective network address translator connected to each virtual private router for 
translating addresses between a respective first address space used by its virtual 
private router and a second address space used by an internet router. 

39. (original) A routing device as defined in claim 38, further comprising an 
Internet router connected to the network address translators, 

40. (original) A routing device as defined in claim 35, further comprising: 
an MPLS switch, the MPLS switch being operable to route packets between 

an Internet router and address assigners selected according to MPLS labels of the 
packets; and 

a respective MPLS converter connected between each address assigner that 
is connected to a VLAN demultiplexer and the MPLS switch, each MPLS converter: 

being operable to apply a respective MPLS label to each packet received 
from its respective address assigner, said MPLS label being uniquely associated 
with the MPLS converter; and 

being operable to remove MPLS labels from packets received from the MPLS 

switch. 

41. (previously amended) A method of routing packets through a 
communications network having a plurality of distinct sets of virtual ports, no virtual 
port belonging td more than one of the distinct sets, a respective distinct broadcast 
address being asfeigned to each distinct set of virtual ports, the method comprising; 

assigning a respective egress address to each packet entering the network 
via an ingress virtual port, the respective egress address corresponding to a 
respective destination address of the entering packet when a correspondence 

16 

PAGE 17/30 * RCVD AT 1211812003 2:25:34 PM [Eastern Standard Time] * SVR:USPT0-EFXRF-111 * DNIS:8729314 * CS1D:613 768 3635 1 DURATION (mm-ss):07-38 





DEC 18 2003 14:30 FR NORTEL NETWORKS 



613 768 3635 TO 617038729314 P. 18/30 



DOCKET NO.:10346ROUS01U 

betwee/b the destination address and an egress address is known, and the 
respective egress address being a broadcast address corresponding to the set 
comprisirta the ingress virtual port when no correspondence between the destination 
address and an egress address is known; 

routing the packet according to the respective egress address, said routing 
being restridted to virtual ports belonging to the distinct set of virtual ports which 
includes the Vigress virtual port; and 

routindan encapsulated packet received from the network to an address 
assigner selected according to the ingress address and the egress address of the 
encapsulated pdeket such that all encapsulated packets having a common egress 
address and an irtaress address corresponding to a virtual port in a particular set of 
the distinct sets ofWual ports are routed to an address assigner associated with 
that egress addres^ and that particular distinct set of virtual ports. 

42. (original) A method as defined in claim 41 , further comprising: 
applying a respective VLAN identifier to packets leaving the network from a 

respective address assigner; and 

routing packets received from an external router to an address assigner 
selected according to VLAN identifiers of the packets received from the external 
router. 

43. (original) A method as defined in claim 41, further comprising: 
applying a respective MPLS label to packets leaving the network from an 

address assigner, said MPLS label being uniquely associated with said address 
assigner; 

routing packets between an Internet router and address assigners according 
to MPLS labels of the packets; and 

removing MPLS labels from packets received from the Internet router. 

44. (original) A method as defined in claim 41 , further comprising; 
applying a respective identifier to packets leaving the network from an 

address assigner, said identifier being uniquely associated with said address 
assigner; and 

routing packets into and out of the network according to their respective 
identifiers. 
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45. (original) A method as defined in claim 1 , wherein at least one physical 
port of the network maps one-to-one onto a corresponding virtual port of network, 
said physical port and said corresponding virtual port being associated wrth a 
respective distinct physical address. 

46. (original) A method as defined in claim 1 , wherein at least one physical 
port of the network maps onto a corresponding plurality of virtual ports of the 
network, said physical port being associated with a respective distinct physical 
address, and each virtual port of said corresponding plurality of virtual ports being 
associated with a respective distinct combination of safd physical address and a 
respective virtual network identifier. 

47. (original) A network as defined in claim 11, wherein at least one physical 
port of the network maps one-to-one onto a corresponding virtual port of network, 
said physical port and said corresponding virtual port being associated with a 
respective distinct physical address. 

48. (original) A network as defined in claim 11, wherein at Jeast one physical 
port of the network maps onto a corresponding plurality of virtual ports of the 
network, said physical port being associated with a respective distinct physical 
address, and each virtual port of said corresponding plurality of virtual ports being 
associated with a respective distinct combination of said physical address and a 
respective virtual network identifier. 

49. (original) A routing device as defined in claim 21 , wherein at feast one 
physical port of the routing device maps one-to-one onto a corresponding virtual port 
of routing device, said physical port and said corresponding virtual port being 
associated with a respective distinct physical address. 

50. (original) A routing device as defined in claim 21 , wherein at least one 
physical port of the routing device maps onto a corresponding plurality of virtual 
ports of the routing device, said physical port being associated with a respective 
distinct physical address, and each virtual port of said corresponding plurality of 
virtual ports being associated with a respective distinct combination of said physical 
address and a respective virtual network identifier. 
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3\. (new) A method Of routi ng packets from a first customer VLAN segrr^ nt 
through aVervfce provfder network havi ng a Plurality of distinct sets of virtual ports tn 
a second customer VLAN segment, n o virtual port belonging to more than one of the 
distinct setsXa respect ive distinct broadcast address being assigned to each distinct 
set of virtuai forts, the method comprising: 

.assigning a respective e gress address of the service provider network to 
each customer LAN p acket entering the service provider network from the first 
customer VLAN foment via an ing ress virtual port, the respective eoress address 
corresponding to k r espective destination address of the customer LAN packet and 
designating an eorb ss virtual port of the service provider network when a 
correspondence bet ween the destination address and an egress address is known 1 
and the respective ebress addres s being a broadcast earess address of the service 
provider network corresponding t o the set of virtual ports of the service provider 
network comprising thfe ingress virtual port when no correspondence between the 
destination address antf an egress address is known: 

adding to each distomer LAN packet entering the service provider network 
via an ingress virtual port the respective eoress address assigned to that packet to 
provide a correspo nding Aervice provider network packet; 

routing the se rvice brovider network packet across the service provider 
network according to t he respective added eoress address from the ingress virtual 
port to at least one e gress virtual port associated with the assigned egress address. 
said routing being re stricted fa virtual ports belonging to the distinct set of virtuaj 
ports whic h includes the inoretes virtual port: and 

removing fro m each seh/ice provider network packet received at an egress 
virtual port of the service provider network the eoress address assigned to that 
packet to provide a r estored cusfomer LAN packet for communication to the second 
customer VLAN segment. 

52. (new) A method as defined in claim 51. further comprising: 
assigning a respective service provider network ingress address to each 

customer LAN packet entering the service provider network, the respective ingress 

address designating a virtual port of the service provider network via which the 

customer LAN packet enters the service provider network: 

adding the a ssigned ingress address to customer LAN packet in providing 

the corresponding service provider network packet; 
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using the assig ned ingress address to populate address association tables at 
nodes of the service provider network traversed bv the service provider network 
packet: and 

using the addr ess association tables to determine correspondences between 
destination addresses of the customer LAN segments and egress addresses of the 
service provider network. 

£6, (new) A service provider communications network for interconnecting 
customerYAN segm ents, the service provider network comprising Plural 
interconnected routing devices, each routing device comprising: 

a plurality oi distinct sets of virtual ports, no virtual port belonging to more 
than one of \he distinct sets, and each distinct set being assigned a respective 
distinct broadcast address: 

at leasl one address assioner operable to assion a respective egress address 
to each customW LAN packet entering the service provider network from a customer 
LAN segmen t via an ingress virtual port, the respective egress address 
corresponding to a destination address of the entering customer LAN packet and 
designating an egress virtual port of the service provider network when a 
correspondence between the destination address and an egress address of the 
service provider network is known, and the respective egress address being a 
broadcast address coVrespondino to the set comprising the inoress virtual port when 
no correspondence be\w een the destination address and an egress address is 
known: and \ 

at least one routqr operable to route the packet according to the respective 
egress address, said routing being restricted to virtual ports of the service provider 
n etwork belonging to the distinct set of virtual ports which includes the ingress virtual 
porL \ 

such that packets can\be routed bv plural successive routing devices 
acccordino to egress addresses assigned where the packets enter the service 
provider network. \ 

54. (new) A network as defined in claim 53. wherein each address assiqner 
c omprises an address association table and is operable: 

to assign a respective ingress address to each customer LAN packet 
entering the service provider network, the respective inoress address designating a 
virtual port of the service provider network via which the packet enters the service 
provider network: 
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touge assigned ingress ad dresses to populate the address association table: 

and 

to use the address associ ation table to determine correspondences between 
destination addresse s of customer LAN packets and egress addresses of the service 
provider network. 

5l5. (new) A routing devi ce for a service provider network for interconnecting 
customerM-AN segments, the routing device comprising: 

a plurality of distinct sub sets of virtual ports, no virtual port belonging to more 
than one ofVhe distin ct subsets, each subset beino a subset of a respective distinct 
set of virtualtoorts of the service provider network and each distinct set being 
assigned a respective distinct broadcast address of the service provider network; 

at least one address assi gner operable to assign a respective egress address 
of the service Provide r network to each customer LAN packet entering the service 
provider network fro m a customer LAN segment via an ingress virtual port of the 
routing device, the re spective egress address corresponding to a destination 
address of the entering custo mer LAN packet and designating an egress virtual port 
of the service provide r network when a correspondence between the destination 
address and an eoVes s address of the service provider network is known, and the 
/ respective egress address being a broadcast address of the service provider 
network corresponding to the s et comprising the ingress virtual port when no 
correspondence betv teen the destination address of the customer LAN packet and 
an egress address of the service provider network is known: and 

at least one rouW operable to route the packet according to the respective 
egress address, said routing being restricted to virtual ports of the service provider 
network b elonging to the distinct set of virtual ports which includes the ingress virtual 
port. \ 

56. (new) A routing device as defined in claim 55, wherein the address 
assigner comprises an address association table and is operable: 

to assign a respective ingress address to each customer LAN packet 
entering the service provider network, the respective ingress address designating a 
Virtual port of the service provider network via which the packet enters the service 
provider network: 

to use assigned inoress addresses to populate the address association table: 

and 
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to use the addr ess association table to determine correspondences between 
destination addresses of customer LAN packets and eoress addresses of the service 
provider network. 



22 



PAGE 23/30 * RCVD AT 12/18/2003 2:25:34 PM [Eastern Standard Time] * SVR:USPT0-EFXRF-1/1 * DNIS:8729314 * CSID:613 768 3635 * DURATION (mm-ss):07-38 



